So can we nail down which extra features we agree on and their design.

All that extra features that I want to see are listed as bounties in this thread...

...but there is already so much new stuff packed into this bounty and I don't think it would really help to add even more to it.

I agree do not add features to this bounty. I am suggesting we must address the features that users want if we intended on releasing an altcoin and not just meet the proof-of-concept stage of your bounty. Personally I want to code a production ready altcoin and address anonymity, otherwise I probably won't be as motivated to code it.

If someone is serious, they want to release something that wins in the market. So they want to do a market survey, then address the results of the market survey, as I am doing.

A little bit about me. I wrote in C and 68000 assembly (with one other programmer who came in later and was primary focused on FONTZ!, yet I did much of it) the first popular commercial fully featured WYSIWYG word processor for consumer PCs back in 1986, named WordUp (google "Word Up Neocept"). Had about 30% market share globally on the Atari ST. I wrote one of the first accelerated printer drivers using RLE encoding for these new GUI operating systems at the time, etc..

I was one of the 3 or 4 original developers (along with the 2 principals) who programmed Fractal Design Painter, which is now Corel Painter, a million user product. Was the first natural media painting application. This was C on the Mac and Windows.

I solely wrote in C++ CoolPage(.com and the downloadable application, along with DownloadFAST.com) which around 2001 had million users and 335,000 websites verified with Alta Vista.

I didn't include anything about anonymity because it's a tricky thing to do right and I think it's better to anonymize yourself via other means rather than rely on the coin its self being totally anonymous. Like you said in the other thread, is it really possible to have privacy at all without the anonymity of IP addresses? Designs like the zerocoin proposal are very interesting but...

I currently believe two facts (subject to being refuted) and that is why I think we need to discuss it now (in the other thread).

1. Mixing coins doesn't help so let's just forget Zerocoin and CoinJoin like mixing proposals.

2. Anonymize yourself without it being enforced on all peers in the network, means you might be blacklisted (tainted) by other peers in the future. Also peers which don't anonymize will have a timing and DoS advantage, so therefor you won't be able to anonymize yourself.

In short, it must be included in the coin.

Yes making a mix-net that isn't subject to timing and DoS attacks requires design effort. You've done a great job on the design of the mini block chain. Do you feel you, aaaxn, bytemaster, myself, et al can't do a good design specification for the mix-net?

P.S. I often edit my complex posts up to 30 minutes after initially posting them.

If someone is serious, they want to release something that wins in the market. So they want to do a market survey, then address the results of the market survey, as I am doing.

You are correct, but the problem is all we have are elaborate schemes like zerocoin. It's a very complicated thing to do and we don't have a clear proposal for how it can be merged with this mini-blockchain concept. That is why I think it's ok if we skip over the anonymity part, because if some one needs extra anonymity they can always use other software to mask their IP or what ever. I took a look at that survey thread you did a few hours ago and it looks like the demand for a scaled blockchain has now outmatched the demand for increased anonymity.

1. Mixing coins doesn't help so let's just forget Zerocoin and CoinJoin like mixing proposals.

Ok, well then that really leaves us with nothing much at all. Which is yet another good reason to skip over the anonymity part.

Quote

Yes making a mix-net that isn't subject to timing and DoS attacks requires design effort. You've done a great job on the design of the mini block chain. Do you feel you, aaaxn, bytemaster, myself, et al can't do a good design specification for the mix-net?

Perhaps we could, but my question is this: is it really worth the time and effort when we already have most of what we need to build a next generation crypto-currency and anonymity can be achieved on user level basis?

If someone is serious, they want to release something that wins in the market. So they want to do a market survey, then address the results of the market survey, as I am doing.

You are correct, but the problem is all we have are elaborate schemes like zerocoin. It's a very complicated thing to do and we don't have a clear proposal for how it can merged with this mini-blockchain concept.

I think you are missing my point. Let me try to explain.

Zerocoin and CoinJoin are decentralized ways of mixing who owns the coins. The objective was that you could mix up your identity with a bunch of other people, so no one knows who owns which coins. The problem I pointed out yesterday, is that this depends on those others not screwing up their anonymity, because if they inadvertently reveal their identity on the mixed coins, then they also reveal your identity, because only you remain unidentified, so clearly the remaining coin from the mix is you.

Thus they are unreliable and unhelpful. So just forget them entirely. Zerocoin is more complex than CoinJoin, but that is irrelevant to my point, which is that all coin mixers (including centralized ones such a tumblr websites) are unhelpful.

Because not only does the trust of plausible deniability fall apart for the reason I gave above, yet also coins coming out the mixer are tainted with the possibility of being mixed with illegal activity, thus eventually society will reject all coin mixers.

Also the decentralized ones are subject to DoS, and the centralized ones can steal all your money.

So after all that, they just are not helpful.

But coin mixers are not the only aspect of anonymity. We need the mix-nets that anonymize our IP address. But the problem is that if the mix-net is optional for the coin, then everyone who uses it is tainted, as well as being at disadvantage when trying to win the PoW (since speed to broadcast is a factor) as well more DoS issues if running a mix-net.

So it either has to be standard in the coin, or we will never have anonymity.

I am not willing to abandon anonymity FOREVER. Are you?

We only get one chance to release an altcoin. The window of opportunity is rapidly closing.

Please consider if you want to demotivate me and others who might want to produce a serious altcoin that can address the major issues. I am serious.

We already have example mix-nets that work, e.g. Tor and I2P. Yet they are not designed to resist timing attacks. Thus we could tweak their design and then make it standard. We don't have to entirely reinvent the wheel from scratch.

That is why I think it's ok if we skip over the anonymity part, because if some one needs extra anonymity they can always use other software to mask their IP or what ever. I took a look at that survey thread you did a few hours ago and it looks like the demand for a scaled blockchain has now outmatched the demand for increase anonymity.

No they can not. I think you are missing the point I am making that if it is not integrated, then those who use it will be tainted by those who don't.

Do you understand the issue of taint?

The point is some of society will readily bend over for the government and ask where would you like to insert it. They will then taint those who want to protect their privacy. Meaning that those who try to protect their privacy will be grouped by association with those who are attempting illegal activities.

Anonymity has to be standard in the coin, else you never will have it (in the long-run as the socialism ramps up its regulation of decentralized coins).

Yes making a mix-net that isn't subject to timing and DoS attacks requires design effort. You've done a great job on the design of the mini block chain. Do you feel you, aaaxn, bytemaster, myself, et al can't do a good design specification for the mix-net?

Perhaps we could, but my question is this: is it really worth the time and effort when we already have most of what we need to build a next generation crypto-currency and anonymity can be achieved on user level basis?

See my prior post. I am thinking the mix-net can't be an orthogonal feature. I want others to discuss this with me, so we can hash out what is the objective fact.

I overstated a bit to say coin mixers are entirely unhelpful. They just have too many issues and the taint issue is "don't go there" in my mind, especially considering we can get comparable privacy and anonymity by (inconveniently) sourcing our coins in small chunks so we don't need to split the value.

We still have sourcing our coins in small chunks, then we don't need to split value as often. That is just as effective as mixing without the lack of reliability.

And this need plays with my point about debasement.

But I still don't think "sourcing the coins in small chunks" really solves anything in the grand scheme of things. You're talking about people mining coins themselves and then using those coins right? Wouldn't it still be possible to be tainted by those who don't bother taking steps to use freshly sourced coins? I really don't understand how your suggestion is economically plausible when mining is inherently supposed to be a hard and difficult thing.

You're talking about people mining coins themselves and then using those coins right?

Mining isn't required in all cases.

What the coin mixers are primarily intended to solve is where your identity on spends can be correlated, i.e. you buy an abortion and then you send a donation to your Catholic church.

To stop the sends from being associated (i.e. "linked"), we need to spend one coin on abortion and a different coin to your Catholic church. Instead of paying for both from the same coin, or even from the change from the prior transaction, as both of these are linked in the public block chain.

So when we receive coins for any reason, we want to receive them in separate small coin values, so we can spend them by joining inputs instead of needing to split change on large value such that we can't delink spends on items we want to be orthogonal.

Mining could possibly provide a convenient way to get coins anonymously in small chunks (since we are fixing the client resource issue and we could fix the PoW algorithm to eliminate GPUs and ASICs so you fire up your PC to earn some coins).

Wouldn't it still be possible to be tainted by those who don't bother taking steps to use freshly sourced coins?

I am thinking no. The identity of who is paying you a small chunk doesn't necessarily identify you (unless you revealed it to them in some other way), unless they pay you multiple small chunks from the same coin which you can also detect in the block chain of course.

To stop the sends from being associated (i.e. "linked"), we need to spend one coin on abortion and a different coin to your Catholic church. Instead of paying for both from the same coin, or even from the change from the prior transaction, as both of these are linked in the public block chain.

So when we receive coins for any reason, we want to receive them in separate small coin values, so we can spend them by joining inputs instead of needing to split change on large value such that we can't delink spends on items we want to be orthogonal.

To stop the sends from being associated (i.e. "linked"), we need to spend one coin on abortion and a different coin to your Catholic church. Instead of paying for both from the same coin, or even from the change from the prior transaction, as both of these are linked in the public block chain.

So when we receive coins for any reason, we want to receive them in separate small coin values, so we can spend them by joining inputs instead of needing to split change on large value such that we can't delink spends on items we want to be orthogonal.

But that is just so utterly complicated and not user friendly...

Agree. In all my years of programming easy-to-use software, I would never want that, if there was a reasonable way around it.

Unfortunately, I don't see another plausible solution.

I think we could largely automate this somehow. Deterministic wallets may help.

I also thought of forcing the maximum account balance to be say 0.1 coin, but that seems harsh, inflexible, and brittle.

If we don't make it easy and users end up later having their payment history put up on news site and web sites, then Bitcoin and our coin will probably never be accepted by the mainstream.

And this is yet another reason I think the NWO fiat digital currency will win in the end.

So yeah, we better strive hard to make it work.

For the meantime, centralized (web site) coin mixers are being used by those who care to.

I think we can make a smart wallet which optimizes keeping identities distinct on spends, and shows which coins have been spent to which entities, so the remaining balances can be spent on something that doesn't conflict. Yet this still requires the user to do some deep thinking.

One positive thing to keep in mind is that (unless you are really paranoid) you only really need to delink spends that have your identity. So not giving your identity to whom you are spending to is another solution.

So I think that significantly lowers the burden.

And perhaps that is the magic logic I needed to justify that all connections will be forced over a mix-net. I feel we need to be able to justify this design decision to the authorities.

If you click the links at the top of each of the following quotes to read the discussion, it is clear to me that Bitcoin is honeypot for the usual powers-that-be, and it is breaking anonymity and funneling the naive goldbugs into a mix with the criminals and in perfect way to help destroy them during this coming global smash 2016 - 2024 or so.

Also there is complete silence is "that thread" linked below. Thus even though there was a super majority that agreed with 5% perpetual debasement, the silence leads me to believe they don't really disagree with goldbugs.

Thus it means if I tried to create what is better and eliminates that honeypot, I would not only have the authorities on my back (IRS harrassment, etc), I would also not have the support and understanding of the community, because the community is hoodwinked and naive any way.

Everytime I think about doing this project, I feel it can only destroy me.

Someone would have to be crazy to write s/w that prematurely* destroyed the Bitcoin honeypot, they will surely have an unpleasant life thereafter.

* The lack of debasement after 2024 or 2033, indicates it is designed to be destroyed (or morphed into a centrally controlled digital currency), but not until after hoodwinking all those freedom lovers and goldbugs into mixing their wealth with illegal activity, not declaring capital gains, using an asset as a currency without declaring each transaction as a capital gain, etc..

Sad to say, I can't even get the designer to understand currency, so how would we mount a community-wide support to counter-act the evil that would come to anyone who successfully challenged Bitcoin?

To stop the sends from being associated (i.e. "linked"), we need to spend one coin on abortion and a different coin to your Catholic church. Instead of paying for both from the same coin, or even from the change from the prior transaction, as both of these are linked in the public block chain.

So when we receive coins for any reason, we want to receive them in separate small coin values, so we can spend them by joining inputs instead of needing to split change on large value such that we can't delink spends on items we want to be orthogonal.

But that is just so utterly complicated and not user friendly...

Agree. In all my years of programming easy-to-use software, I would never want that, if there was a reasonable way around it.

The US government/fed/banking system triumvirate thoroughly enrich themselves by "printing" valueless bills in return for real goods and services and real power in the world. This, if not precisely, closely parallels how value is absorbed into the bitcoin ecosystem--by funneling it through the top.

Sadly I agree with you. And "Satoshi" (which is probably the same triumvirate, disagree?) has the psychology of these naive goldbugs wrapped around his million BTC finger.

Because I don't want to get very excited about doing something good for the world, only to find out later that the market doesn't understand and is caught up in a gold delusion. If the market just wants to be fooled by their delusion into allowing mining cartels as Satoshi appears to have done to manipulate their psychology, then I need to know that, because it impacts how I should approach this. Generally speaking I am most excited to work when I feel I am doing something good for society and making money at the same time. I am sure it is the same for most of you all. Yet if you all think that gold as a strict currency is good for society, then we are doomed.

Not everyone has to agree, I just need to determine what is the real mindset of the majority of Bitcoiners. So I will start another thread to try to find out.

If you click the links at the top of each of the following quotes to read the discussion, it is clear to me that Bitcoin is honeypot for the usual powers-that-be, and it is breaking anonymity and funneling the naive goldbugs into a mix with the criminals and in perfect way to help destroy them during this coming global smash 2016 - 2024 or so.---Sadly I agree with you. And "Satoshi" (which is probably the same triumvirate, disagree?) has the psychology of these naive goldbugs wrapped around his million BTC finger.

Come on now, if it wasn't for "Satoshi" we wouldn't even be living in a world with decentralized crypto-currency. Quite frankly your above accusations are unfounded, irrational, and not true. If you use Bitcoin properly it's possible to achieve a much higher level of anonymity than any classic banking system could provide.

Quote

Thus even though there was a super majority that agreed with 5% perpetual debasement, the silence leads me to believe they don't really disagree with goldbugs.

Do you believe that you're the only person to ever argue for perpetual debasement? There are several altcoins to my knowledge with perpetual debasement built into them, and as far as I know none of them are very popular. So does that not prove which is more demanded?

Quote

Agree. In all my years of programming easy-to-use software, I would never want that, if there was a reasonable way around it.

Unfortunately, I don't see another plausible solution.

Exactly, there is no reasonable way to do it. If it's not an acceptable solution and you don't have a better solution then it cannot be done. I don't want this thread turning into a discussion about how to solve the anonymity problem, if you want to create a project which is focused on solving the anonymity problem then start a new thread for brainstorming.